Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          wDNVow8/S9hZ6If6WOYvJkvC/QOGQUgexZCWTEecr4c=
Subject key identifier:   5E:D6:16:79:4F:7E:F6:4C:8B:17:12:DA:E2:C9:D6:0A:91:DB:65:26
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       019659F0951B5302364EE66208BECDA88835
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          14FE
Signing time:             Mon 21 Apr 2025 20:01:01 +0000
Manifest this update:     Mon 21 Apr 2025 20:01:01 +0000
Manifest next update:     Tue 22 Apr 2025 20:01:01 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: a4L3zSu52W3Ci4CnOfyTwHVGaP9gLNeantFcxx2/lMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:f0:95:1b:53:02:36:4e:e6:62:08:be:cd:a8:88:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Apr 21 20:01:01 2025 GMT
            Not After : Apr 22 20:01:01 2025 GMT
        Subject: CN=5ed616794f7ef64c8b1712dae2c9d60a91db6526
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d6:0f:37:04:24:d2:9f:61:b0:57:ee:71:d5:
                    5f:79:90:63:de:31:c7:ed:db:18:24:db:c3:68:4d:
                    83:92:5b:38:c4:6c:8a:05:3f:98:99:aa:a0:0d:94:
                    8c:a5:ca:c3:9e:a6:19:77:e0:e7:da:c6:07:4c:a9:
                    42:30:83:9f:ff:ed:9e:9b:27:7e:f1:18:86:c5:c8:
                    33:e7:32:32:d3:d1:5d:83:0b:e6:04:7f:d7:3e:1c:
                    7d:23:af:17:6e:19:5c:8d:38:f4:f3:d0:61:3f:50:
                    38:c1:3d:2b:25:e8:54:24:26:c1:a0:08:1d:dc:e2:
                    a4:93:4d:8c:18:e0:a9:97:f4:9d:f2:d2:9b:d6:d7:
                    98:d2:6b:2c:3e:9d:ac:ea:f8:18:db:c3:00:e4:a5:
                    c4:ef:11:c0:a9:11:81:64:2d:f5:e3:03:28:47:bb:
                    54:3f:a0:08:69:a2:3c:3e:1e:e2:a8:fa:f7:b4:fe:
                    14:e0:24:9d:51:9f:5b:98:81:d7:01:67:57:c1:eb:
                    ba:6a:12:c9:61:08:e1:50:04:86:3c:58:19:07:b9:
                    77:37:b9:59:78:bf:48:35:4d:9d:23:2c:be:13:b7:
                    5c:0a:cd:66:2f:92:69:6d:e2:10:f5:3b:83:4f:78:
                    1e:7a:6e:9c:8c:f7:65:b9:5b:94:14:08:de:93:b6:
                    58:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:D6:16:79:4F:7E:F6:4C:8B:17:12:DA:E2:C9:D6:0A:91:DB:65:26
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:21:c5:fc:db:55:75:b1:9f:29:c3:cf:59:91:6b:ca:da:e5:
         92:66:f6:d2:2c:e0:23:69:6b:18:ce:b2:03:70:4b:5b:1b:45:
         0c:e7:76:ca:36:c3:1f:27:11:01:3d:c4:4a:2d:bb:1d:53:5f:
         1f:84:9c:d7:77:2e:85:6b:30:2a:10:f2:d3:68:41:e4:a0:87:
         f0:2b:3c:ba:88:aa:58:8a:f0:b1:82:fe:a4:04:f3:30:59:da:
         9f:38:44:9b:84:f4:fa:e9:ed:9f:21:3e:ab:38:be:77:03:a0:
         d1:14:8f:91:31:b7:89:39:3c:9f:2d:d0:b2:a8:05:f6:13:77:
         88:bb:10:05:70:a6:b3:02:aa:16:8a:1f:ff:6f:8e:77:68:e7:
         82:88:5b:6f:1c:fe:81:f4:ce:a1:9b:ed:24:67:c9:91:8f:ec:
         d0:f2:58:da:09:e7:e7:fe:63:c1:d0:8f:c5:b8:ec:6e:35:4c:
         24:d6:da:98:b0:94:eb:fd:1e:64:0b:22:ec:e3:76:61:09:7d:
         75:39:ec:c0:ac:dd:0a:64:a0:4a:19:08:5d:70:6c:03:35:bf:
         84:d1:9a:55:23:36:79:fe:34:5a:90:34:5f:ca:7b:c4:00:9a:
         40:a9:23:7e:bd:5d:28:3a:e8:54:6a:26:ec:57:43:0f:e0:1a:
         f8:17:76:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZ8JUbUwI2TuZiCL7NqIg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUwNDIxMjAwMTAxWhcNMjUwNDIyMjAwMTAxWjAzMTEwLwYDVQQD
Eyg1ZWQ2MTY3OTRmN2VmNjRjOGIxNzEyZGFlMmM5ZDYwYTkxZGI2NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtYPNwQk0p9hsFfucdVfeZBj3jHH
7dsYJNvDaE2Dkls4xGyKBT+YmaqgDZSMpcrDnqYZd+Dn2sYHTKlCMIOf/+2emyd+
8RiGxcgz5zIy09FdgwvmBH/XPhx9I68XbhlcjTj089BhP1A4wT0rJehUJCbBoAgd
3OKkk02MGOCpl/Sd8tKb1teY0mssPp2s6vgY28MA5KXE7xHAqRGBZC314wMoR7tU
P6AIaaI8Ph7iqPr3tP4U4CSdUZ9bmIHXAWdXweu6ahLJYQjhUASGPFgZB7l3N7lZ
eL9INU2dIyy+E7dcCs1mL5JpbeIQ9TuDT3geem6cjPdluVuUFAjek7ZY5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF7WFnlPfvZMixcS2uLJ1gqR22UmMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABiHF/NtV
dbGfKcPPWZFrytrlkmb20izgI2lrGM6yA3BLWxtFDOd2yjbDHycRAT3ESi27HVNf
H4Sc13cuhWswKhDy02hB5KCH8Cs8uoiqWIrwsYL+pATzMFnanzhEm4T0+untnyE+
qzi+dwOg0RSPkTG3iTk8ny3QsqgF9hN3iLsQBXCmswKqFoof/2+Od2jngohbbxz+
gfTOoZvtJGfJkY/s0PJY2gnn5/5jwdCPxbjsbjVMJNbamLCU6/0eZAsi7ON2YQl9
dTnswKzdCmSgShkIXXBsAzW/hNGaVSM2ef40WpA0X8p7xACaQKkjfr1dKDroVGom
7FdDD+Aa+Bd2Gg==
-----END CERTIFICATE-----